Chore/update dependencies

[MatFillion]

This pull request updates the development tooling for the extension, focusing on modernizing TypeScript and ESLint configurations, improving CI/CD checks, and resolving a security advisory. There are no runtime or user-facing changes; all updates are for development and maintenance purposes.

Dev tooling and configuration updates:

• Upgraded TypeScript to 5.9.3 and @types/node to 20.19.23, and pinned @types/vscode to ~1.70.0 to match supported VS Code engine versions. [1] [2]
• Upgraded ESLint to 9.x and @typescript-eslint (parser/plugin) to 8.x, and migrated from legacy .eslintrc.js to the new ESLint v9 flat config in eslint.config.cjs. [1] [2] [3] [4]
• Removed the old .eslintrc.js config file and replaced it with eslint.config.cjs using the new flat config format. [1] [2]

Continuous Integration improvements:

• Added new steps to the CI/CD workflow to run TypeScript type checking (npm run typecheck) and enforce linting with ESLint, failing on any warnings. [1] [2]

Security and maintenance:

• Resolved a high-severity security advisory on tar-fs via npm audit fix (transitive dependency).

Other:

• Bumped the extension version to 1.5.1 and updated the changelog to document these changes. [1] [2]

Summary by CodeRabbit

• Bug Fixes

  • Addressed a high-severity security vulnerability.

• Chores

  • Version bumped to 1.5.1.
  • Updated development tooling and devDependencies.
  • CI pipeline now runs type checking and linting before build.
  • Migration to a new linting configuration and stricter lint rules.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

ESLint config moved from .eslintrc.js to flat config eslint.config.cjs and the old file removed. Dev dependencies and package version bumped (1.5.1). CI workflow now runs typechecking and linting before build. CHANGELOG updated. No runtime code changes.

Changes

Cohort / File(s)	Summary
ESLint Configuration \.eslintrc.js, eslint.config.cjs	Removed legacy .eslintrc.js; added eslint.config.cjs flat config with ignore patterns, TypeScript parser/plugin settings, and rules (detailed @typescript-eslint/naming-convention, curly, eqeqeq, no-throw-literal, semi).
Package Manifest package.json	Bumped version to 1.5.1; added typecheck script (tsc -p ./ --noEmit); updated lint script to eslint src; updated devDependencies (typescript ^5.9.3, eslint ^9.0.0, @typescript-eslint/* ^8.0.0, @types/node ^20.19.23, @types/vscode ~1.70.0).
CI/CD Pipeline .github/workflows/ci-cd.yml	Inserted Typecheck (npm run typecheck) and Lint (npm run lint -- --max-warnings=0) steps into the build job prior to the Build step.
Release Notes CHANGELOG.md	Added [1.5.1] entry describing dev tooling bumps, CI lint/typecheck addition, and a security fix; notes that no runtime changes were made.

Sequence Diagram(s)

sequenceDiagram
  participant Dev as Developer / Push
  participant GH as GitHub Actions
  participant Install as Install deps
  participant Typecheck as Typecheck (tsc)
  participant Lint as Lint (eslint)
  participant Build as Build step
  participant Publish as Publish/Artifact

  Dev->>GH: push commit / PR
  GH->>Install: Checkout & Install dependencies
  Install-->>GH: deps installed
  GH->>Typecheck: npm run typecheck
  alt typecheck passes
    Typecheck-->>GH: success
    GH->>Lint: npm run lint -- --max-warnings=0
    alt lint passes
      Lint-->>GH: success
      GH->>Build: Build the extension
      Build-->>GH: build artifacts
      GH->>Publish: Publish / continue pipeline
    else lint fails
      Lint-->>GH: fail (stop)
    end
  else typecheck fails
    Typecheck-->>GH: fail (stop)
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request title "Chore/update dependencies" is clearly related to the main changes in the changeset. The PR's primary work involves upgrading multiple dev dependencies including TypeScript (5.0.0 → 5.9.3), ESLint (8.44.0 → 9.0.0), and @typescript-eslint packages (6.x → 8.x), along with associated tooling changes like migrating to the ESLint v9 flat config format. The title is specific and not vague, using clear terminology ("Chore" for maintenance, "update dependencies" for the action). A teammate scanning the commit history would immediately understand this is maintenance work involving dependency upgrades. While the PR also includes CI/CD enhancements and a configuration migration, these are integral parts of the dependency update effort rather than separate concerns.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/update-dependencies

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 726b478 and d1032b8.

📒 Files selected for processing (3)

• .github/workflows/ci-cd.yml (1 hunks)
• CHANGELOG.md (1 hunks)
• package.json (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• CHANGELOG.md
• .github/workflows/ci-cd.yml
• package.json

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR modernizes the development tooling by upgrading to TypeScript 5.9.3, ESLint 9.x, and @typescript-eslint 8.x, while also adding CI checks for type safety and linting. The changes are entirely development-focused with no runtime or user-facing modifications.

Key Changes:

• Upgraded TypeScript and ESLint to latest major versions with corresponding type definition updates
• Migrated from legacy ESLint configuration to flat config format (eslint.config.cjs)
• Added CI/CD type checking and lint enforcement steps

Reviewed Changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
package.json	Updated version to 1.5.1, added typecheck script, upgraded dev dependencies to TypeScript 5.9.3, ESLint 9.x, @typescript-eslint 8.x, and pinned @types/vscode
eslint.config.cjs	Created new ESLint v9 flat config with TypeScript parser, enhanced naming conventions, and standard rule set
CHANGELOG.md	Documented all tooling updates, CI changes, and security fix in version 1.5.1 entry
.github/workflows/ci-cd.yml	Added typecheck and lint steps with --max-warnings=0 flag to CI pipeline
.eslintrc.js	Removed legacy ESLint configuration file

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

package.json (1)

131-131: Consider removing the deprecated --ext flag.

The --ext flag is deprecated in ESLint 9 in favor of file patterns specified in the config. Since eslint.config.cjs already defines files: ['**/*.ts'], you can simplify this to:

-    "lint": "eslint src --ext ts",
+    "lint": "eslint src",

This change is optional since the flag still works for backwards compatibility.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8f8886e and 726b478.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (5)

• .eslintrc.js (0 hunks)
• .github/workflows/ci-cd.yml (1 hunks)
• CHANGELOG.md (1 hunks)
• eslint.config.cjs (1 hunks)
• package.json (2 hunks)

💤 Files with no reviewable changes (1)

• .eslintrc.js

🔇 Additional comments (6)

.github/workflows/ci-cd.yml (1)

33-37: LGTM! CI quality gates added correctly.

The new typecheck and lint steps are well-positioned between dependency installation and build, ensuring code quality before packaging. The --max-warnings=0 flag appropriately enforces strict linting standards.

CHANGELOG.md (1)

7-24: LGTM! Comprehensive release documentation.

The changelog entry clearly documents all tooling updates, CI enhancements, and the security fix, with appropriate notes about the development-only nature of changes.

package.json (3)

5-5: LGTM! Version bump aligns with changelog.

The version increment to 1.5.1 correctly reflects the maintenance release.

---

132-132: LGTM! Typecheck script correctly configured.

The typecheck script using tsc -p ./ --noEmit is the standard approach for type checking without emitting compiled output, perfectly suited for CI validation.

---

137-144: LGTM! Dependency updates are well-coordinated.

The dependency updates are well-executed:

• TypeScript and type definitions upgraded to recent versions
• ESLint 8→9 and @typescript-eslint 6→8 major upgrades align with the new flat config
• @types/vscode changed from ^ to ~1.70.0 intentionally pins to 1.70.x, preventing type mismatches with the minimum supported VS Code version (engines.vscode: ^1.70.0)

eslint.config.cjs (1)

1-44: LGTM! ESLint flat config migration executed correctly.

The migration from .eslintrc.js to ESLint v9 flat config is well-structured:

• CommonJS format (.cjs) is appropriate for ESLint configuration
• The two-config structure correctly separates global ignores from TypeScript-specific rules
• Ignored paths match the previous configuration
• TypeScript parser and plugin setup follows ESLint 9 best practices
• The @typescript-eslint/naming-convention rules are comprehensive with progressive specificity:
  • Handles constants (UPPER_CASE/camelCase)
  • Enforces PascalCase for types/interfaces
  • Allows leading underscores for private members
  • Provides flexibility for enum members
• Generic rules (curly, eqeqeq, no-throw-literal, semi) are all appropriately set to 'warn'